<html>
<META http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<head>
<title>Section A.12.&nbsp; Chapter 12</title>
<link rel="STYLESHEET" type="text/css" href="images/style.css">
<link rel="STYLESHEET" type="text/css" href="images/docsafari.css">
</head>
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><td><div STYLE="MARGIN-LEFT: 0.15in;">
<a href=learnphpmysql-APP-A-SECT-11.html><img src="images/prev.gif" width="60" height="17" border="0" align="absmiddle" alt="Previous Page"></a>
<td align="right"><div STYLE="MARGIN-LEFT: 0.15in;">
<a href=learnphpmysql-APP-A-SECT-13.html><img src="images/next.gif" width="60" height="17" border="0" align="absmiddle" alt="Next Page"></a>
</div></td></tr></table>
<br><table width="100%" border="0" cellspacing="0" cellpadding="0"><tr><TD valign="top"><a name="learnphpmysql-APP-A-SECT-12"></a>
<h3 id="631450-939" class="docSection1Title">A.12. Chapter 12</h3>
<dl class="docList">
<dt><br><p><span class="docPubcolor"><span class="docEmphStrong">Solution to Question 12-1</span></span></p></dt>
<dd><p class="docList">To add the <tt>published_date</tt> column, use the connection and query code that are employed throughout the chapter, but modify the query string to create the new column:</p>
<pre>
&lt;?php
require_once('db_login.php');
//sets the values for the database connection
require_once('DB.php');
//connect to the database
$connection = DB::connect("mysql://$db_username:$db_password@$db_host/$db_database");
if (DB::isError($connection)){
die ("Could not connect to the database: &lt;br /&gt;". DB::errorMessage($connection));
}
//modify the table
$query = "<b>ALTER TABLE books ADD published_date date</b>";
//check for an error
$result = $connection-&gt;query($query);
if (DB::isError($result)){
die("Could not query the database: &lt;br /&gt;". $query." ".DB::errorMessage($result));
}
echo "Modified successfully!";
$connection-&gt;disconnect();
?&gt;
</pre><br>

</dd>

<dt><br><p><span class="docPubcolor"><span class="docEmphStrong">Solution to Question 12-2</span></span></p></dt>
<dd><p class="docList">SQL Injection and Cross Site Scripting attacks. SQL Injection attacks attempt to insert special characters that change the meaning of an SQL query, while Cross Site Scripting attacks attempt to reveal private information from a session by inserting malicious HTML.</p></dd>

<dt><BR><p><span class="docPubcolor"><span class="docEmphStrong">Solution to Question 12-3</span></span></p></dt>
<dd><p class="docList">The <tt>get_magic_quotes_gpc()</tt> function returns <tt>TRUE</tt> if magic quotes are enabled.</P></dd>

<dt><br><P><span class="docPubcolor"><span class="docEmphStrong">Solution to Question 12-4</span></span></p></dt>
<dd><p class="docList">The <tt>htmlentities()</tt> function escapes any HTML that might otherwise be exploited.</p></dd>
</dl>

</TD></TR></table>
<br>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><td><div STYLE="MARGIN-LEFT: 0.15in;">
<a href=learnphpmysql-APP-A-SECT-11.html><img src="images/prev.gif" width="60" height="17" border="0" align="absmiddle" alt="Previous Page"></a>
<td align="right"><div STYLE="MARGIN-LEFT: 0.15in;">
<a href=learnphpmysql-APP-A-SECT-13.html><img src="images/next.gif" width="60" height="17" border="0" align="absmiddle" alt="Next Page"></a>
</div></td></tr></table>
<script type="text/javascript"><!--
google_ad_client = "pub-0203281046321155";
google_alternate_ad_url = "http://www.bookhtml.com/adbrite.htm";
google_ad_width = 728;
google_ad_height = 90;
google_ad_format = "728x90_as";
google_ad_type = "text_image";
google_ad_channel ="4867465545";
google_color_border = "FFFFFF";
google_color_link = "0000FF";
google_color_bg = "FFFFFF";
google_color_text = "000000";
google_color_url = "0000FF";
//--></script>
<script type="text/javascript"
  src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</html>
